Resources

Blog

ICS Security Starts with an Understanding of Industrial Digital Attacks

In a previous article, I discussed how organizations are working to protect their industrial control systems (ICS) against intentional and accidental security threats. One of their biggest challenges is figuring out whether their information technology (IT) or operational technology (OT) teams are responsible for ensuring ICS security. Given the...

VERT Threat Alert: May 2017 Patch Tuesday Analysis

Today’s VERT Alert addresses the Microsoft May 2017 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-724 on Wednesday, May 10th. In-The-Wild & Disclosed CVEs: CVE-2017-0290. Also known as Microsoft Security Advisory 4022344, this is a code execution in the Microsoft Malware Protection Engine...

Microsoft Releases Emergency Patch for "Critical" RCE Vulnerability

Microsoft has released an emergency patch for a "critical" remote code execution (RCE) vulnerability affecting its Malware Protection Engine. On 8 May, the Redmond-based technology giant issued a security advisory addressing CVE-2017-0290. The flaw causes the Microsoft Malware Protection Engine to not scan a specially crafted file properly. It...

Women in Information Security: Cheryl Biswas

Last time, I had the honor of speaking with Lesley Carhart, a security incident response team leader who also writes the tisiphone.net cybersecurity blog. She's a Circle City Con staff member. I just so happen to be talking to one of the people who's presenting there later this year, Cheryl Biswas. Cheryl is currently a cybersecurity consultant for KPMG....

Situational Awareness: Beware of Your Cyber Surroundings

In previous articles on understanding big data, the need for AI, using encryption and tokenization (including the drawbacks of encryption), and the series on human vulnerabilities, we laid down just some of the building blocks necessary to create a robust cybersecurity strategy. Yet there is a larger problem we often experience: losing the trees for...

How to Build a Secure WordPress Environment

In Part 1 of this series, we covered how easy it is for any novice to set up a self-hosted WordPress site and how quickly security can fall between the cracks. In this blog post, I will share with you what to look for in a web host provider, how to secure and harden WordPress, and what often-overlooked items you should watch out for during this...

April 2017: The Month in Ransomware

Online extortionists took their attacks to a whole new level last month. They brought the infamous Locky monster back to life after more than three months of hiatus. The architects of the Jigsaw ransomware campaign were busier than ever, contriving seven new variants of their plague. The Hidden Tear, EDA2, and CryptoWire proof-of-concept ransomware...

Phishers Spoofing Email Senders to Muck around with Victims' Web Accounts

Users encounter phishing attacks across every medium of their digital lives. Fortunately, there are lots of ways they can protect themselves. When a suspect email lands in their inbox, for example, recipients can check for grammar/spelling errors and other suspicious indicators. They can also verify the source by hovering over or clicking on the...

Kazuar's API Access Lets Trojan Run Commands on Compromised Systems

A backdoor espionage trojan known as Kazuar has API access that it can leverage to run commands on the systems it compromises. The malware, which is written in Microsoft's .NET Framework and uses the ConfuserEX open source packer, initializes by gathering system and malware information and using those items to generate a mutex. It then creates a...

Building on a Solid Foundation: Future-Proof your IT Environment

In today's expanding world of digital security threats, some truths are self-evident. Information security professionals must understand: that change happens; that protecting customers and preventing unnecessary downtime is both a financial and moral imperative; that we can only collect intelligence on things that we monitor; that we must...

Cyber Security in Canada's Schools: An Interview with Pierre Clavet

We at The State of Security recently began interviewing educators who are helping to launch cyber security programs in Canada's schools. Last time, we spoke with Benjamin Kelly, a teacher at Caledonia Regional High School in New Brunswick. We'll now speak with Pierre Clavet of Collège communautaire du Nouveau-Brunswick (CCNB). Maribeth Pusieski:...

Report: Healthcare Data Breaches Hit Record High In 2016

Healthcare organizations reported 328 data breaches in 2016, a substantial increase from 268 the previous year and setting a new all-time high for the industry. According to Bitglass’ 2017 Healthcare Breach Report, the breaches exposed the records of roughly 16.6 million Americans as a result of hacks, lost or stolen devices, unauthorized disclosure...

ThunderCrypt Virus File Ransomware Explained

A new ransomware threat is on the loose, and users better be prepared for it in case it comes knocking on their door. And it’s not the Locky Virus this time! This latest malicious variant goes under the name of ThunderCrypt Virus File Ransomware. For now, it has mainly been infecting users in different Asian countries but if history is any...

Making a Shift to the Cloud? Time to Reevaluate Your Security!

Chances are if you are reading this article, you have already moved some, or perhaps most, of your IT infrastructure to the cloud. While most organizations spend lots of time, energy and money developing strategies for integrating their important data and workflow to the cloud, they usually don’t worry about security and risk management strategies...

Extending Security to the Cloud

The world of IT is moving to the cloud. Market data varies but estimates of cloud usage show approximately 20-25% of overall computing workloads operate in public cloud environments today, with that number expected to grow to 50% over the next 5-10 years (Goldman-Sachs forecast). Organizations are starting to operate in a hybrid environment that...

Health IT Vendor Restores EHR Access Following Ransomware Attack

A vendor of health information technology has restored access to electronic health records (EHR) after it suffered a ransomware attack. On 24 April, EHR and revenue cycle management solutions provider Greenway Health disclosed the ransomware incident to its customers. CEO Scott Zimmerman said there was no evidence that those responsible for the...

100 Days in Office: President Trump on Digital Security

April 29, 2017, marked Donald Trump's 100th day in office as President of the United States. Since his inauguration on January 20, President Trump has fulfilled his campaign promises of nominating a conservative judge to the Supreme Court and withdrawing the United States from the Trans-Pacific Partnership. But he has yet to meet some of his other...